Subject: Re: IPSEC still fails on BETA2/vax
To: Brian Chase <firstname.lastname@example.org>
From: Olaf Seibert <email@example.com>
Date: 07/10/2002 02:47:40
On Tue 09 Jul 2002 at 16:31:48 -0700, Brian Chase wrote:
> On Wed, 10 Jul 2002, Olaf Seibert wrote:
> > On Tue 09 Jul 2002 at 08:33:37 +0900, firstname.lastname@example.org wrote:
> > > sorry, i checked your original posting. could you check where the
> > > kernel code is returning EINVAL in UPDATE message handling? it should
> > > be somewhere inside sys/netkey/*.c (some printfs should do it).
> > I added some printf() calls in sys/netkey/key.c in the function
> > key_update(). Now I get this on my console (racoon output mixed with
> > kernel output). I show the spi from the kernel messages and the one
> > other occurrance of it. Could it be some time-out because there is such
> > a long time (1 minute 21 seconds) between these parts?
> Just out of curiosity, Olaf, on which model of VAX are you running this?
A VAXstation 3100 (M38) which apparently has 2.8 VUPs. It is certainly
not the fastest beast in the world - it took about a week to build the
world, last time I tried.
I already increased timeouts in racoon.conf, and tomorrow I will try the
sysctl setting Itojun suggested. I was not aware of it, so I think this
will give good results. I was afraid of some hard-to-find code
generation bug but for the moment I am confident that it is just the
___ Olaf 'Rhialto' Seibert - rhialto@ -- Woe betide the one who feels
\X/ polderland.nl -- remorse without sin - Tom Poes, "Het boze oog", 4444.